On Fri, Sep 15, 2000 at 01:03:50PM -0400, Dan Sugalski wrote:
> At 04:52 AM 9/15/00 -0400, Michael G Schwern wrote:
> >On Fri, Sep 15, 2000 at 01:52:00AM -0000, Perl6 RFC Librarian wrote:
> > > =head1 TITLE
> > >
> > > Extend the window to turn on taint mode
> >
> >As long as we're talking about tainting (this is a good idea, BTW) how
> >does everyone feel about a few other tainting widgets...
> >
> >- A way to know when taint mode is on. ($TAINT or something)
> >
> >- A way to explicity taint a variable (taint(@this)).
> >
> >And no, there shouldn't be an untaint() function. Orthoginality can
> >blow me, detainting without filtering should remain hard.
>
> Damn straight. :) Security's annoying, and people can, in this instance, cope.
>
> >- A way to explicitly check if a variable is tainted (is_tainted(%this))
>
> Take a look at the Taint modules on CPAN. Mine does just these, and I think
> Tom Phoenix's does a bunch more.
I'm kinda surfing the edge here. -T is definately an internals issue,
but $TAINT? taint()? is_tainted()?
I'm not sure if they should be exposed into the language from the
internals, or if a superstudly taint.xs in stdlib is more appropriate.
Thoughts?
Z.
